Reporter : "not allowed for user admin VMWARE"
Good Day,
When we try and create reports, we now get the following :
ACL : not allowed for user admin VMWARE: VM, cluster_SLM-BDC01-GLD01-S-LINUX, SRV005361
ACL : not allowed for user admin VMWARE: VM, cluster_SLM-CDC01-GLD01-S-LINUX, SRV005362
Thisis from LPAR2RRd after installing Xormon. Would Xormon installation mess with LPAR2RRD's reporting feature ?
Regards
Comments
-
do you have set any ACL for the user you use?
-
Good Day,
I have found these files owned by xormon :
# find /home/lpar2rrd/ -user xormon
/home/lpar2rrd/lpar2rrd/etc/web_config/audit.log
/home/lpar2rrd/lpar2rrd/etc/web_config/users-xormon.json
Xormon Would not link to LPAR2RRD so we stopped / disabled it. For access to LPAR2RRD we have defined two AD Groups. One is an Admin Group and another is a User Group. I login to LPAR2RRD with my AD Account which is in the Admin Group. These groups are defined in the httpd.conf file and that works fine with regards logging in etc.
The reporting feature is now creating PDF's that cannot be opened as it contains no pages according to error. There are no ACL's defined anywhere else.
Regards
-
How to edit this file to grant admin access ?
$ cat /home/lpar2rrd/lpar2rrd/etc/.web_config/users.json
{
"ACLimported" : false,
"groups" : {
"ReadOnly" : {
"description" : "Member can see everything but nothing can change."
},
"admins" : {
"ACL" : {
"lpars" : {},
"vms" : {},
"solo" : {},
"cgroups" : [
"*"
]
},
"description" : "LPAR2RRD Administrators"
}
},
"users" : {
"admin" : {
"last_login" : "",
"active" : 1,
"htpassword" : "$apr1$CSoXefyw$wGe9K7Ld5ClOEozE4zC.T1",
"name" : "LPAR2RRD Administrator",
"email" : "",
"created" : "2017-09-22T13:39:47Z",
"groups" : [
"admins"
],
"config" : {
"db_width" : 120,
"db_height" : 50,
"timezone" : "",
"db_items" : [],
"locale" : "en-US",
"menu_width" : 150
},
"updated" : "2017-09-22T13:39:47Z"
}
}
}
-
do not edit it, it is a backup anyway, use UI --> settings --> users --> ACL
-
Good Day,
We did try implement the follwoing :
... but it voided our AD Group access so we unconfigured it. I am assuming since we implemebnted the above at a point it made changes that are not reversable when we unconfigured it ?
-
I do not understand that
-
Good Day,
Currently we use AD LDAP Authentication. There is an Admin Group and a User Group. I am in the Admin Group and when I login I can see everything. If I try and run a report the following happens :
reporter START : Thu Oct 12 13:16:08 2023
load cfg : /home/lpar2rrd/lpar2rrd/etc/web_config/reporter.json
product : LPAR2RRD
user : admin
report name : Lameez Request
format : PDF
start time : 1696575600, 09:00:00 06.10.2023
end time : 1696597200, 15:00:00 06.10.2023
ACL : not allowed for user admin VMWARE: VM, cluster_SLM-BDC01-GLD01-S-LINUX, SRV005361
ACL : not allowed for user admin VMWARE: VM, cluster_SLM-CDC01-GLD01-S-LINUX, SRV005362
create PDF : /home/lpar2rrd/lpar2rrd/reports/admin/Lameez_Request/Lameez_Request-20231012_131613.pdf
remove dir : /home/lpar2rrd/lpar2rrd/reports/admin/Lameez_Request/PDF-tmp
emails found : 1
attachment : Content-Type="application/pdf",filename="Lameez_Request-20231012_131613.pdf"
send email to : group="admins" email="sanlam-linux@bcx.co.za" from="noreply@sanlam.co.za"
download : /home/lpar2rrd/lpar2rrd/reports/admin/Lameez_Request/Lameez_Request-20231012_131613.pdf
stored report : /home/lpar2rrd/lpar2rrd/reports/admin/Lameez_Request/Lameez_Request-20231012_131613.pdf
reporter END : Thu Oct 12 13:16:15 2023
Now we have no ACL's in LPAR2RRD ... it shows as follows :
User management
Apache authentication is not defined for this tool. Please follow online instructions to get it work.
-
are you running it from a cmd line like this: https://lpar2rrd.com/reporter-scripting.php
are you under support? it is an enterprise version feature.
-
Good Day,
No ... the free version where we are restricted to a single report. The report is configured and run from the WebUI.
It has been working fine for many years but when we tried to implement ACL's briefly and it did not work so we rolled that back but it seems something remianed ? That is the issue.
The original httpd.conf was put back and the .htpasswd files were removed.
Regards
-
UI --> settings --> users --> ACL
is there anything persist?
Howdy, Stranger!
Categories
- 1.6K All Categories
- 48 XORMON NG
- 25 XORMON
- 153 LPAR2RRD
- 13 VMware
- 16 IBM i
- 2 oVirt / RHV
- 4 MS Windows and Hyper-V
- Solaris / OracleVM
- XenServer / Citrix
- Nutanix
- 7 Database
- 2 Cloud
- 10 Kubernetes / OpenShift / Docker
- 124 STOR2RRD
- 19 SAN
- 7 LAN
- 17 IBM
- 3 EMC
- 12 Hitachi
- 5 NetApp
- 15 HPE
- Lenovo
- 1 Huawei
- 2 Dell
- Fujitsu
- 2 DataCore
- INFINIDAT
- 3 Pure Storage
- Oracle